/**
* Validate the data of the current record.
*
* @return boolean True for valid.
*/
public function recordValidate()
{
// One is the unique value available because is a global module
if (Phprojekt_Module::getSaveType(Phprojekt_Module::getId($this->getModelName())) >= 1) {
$this->projectId = 1;
}
return true;
}
public static function mergeWithRole($moduleId, $projectId, $userId, $itemRights)
{
/* there is currently only an implementation for standard modules with
* save type NORMAL */
if (Phprojekt_Module::getSaveType($moduleId) == Phprojekt_Module::TYPE_NORMAL) {
$roleRights = new Phprojekt_RoleRights($projectId, $moduleId, 0, $userId);
$roleRightRead = $roleRights->hasRight('read');
$roleRightWrite = $roleRights->hasRight('write');
$roleRightCreate = $roleRights->hasRight('create');
$roleRightAdmin = $roleRights->hasRight('admin');
// Map roles with item rights and make one array
foreach ($itemRights as $itemId => $accessMask) {
$access = Phprojekt_Acl::NONE;
if ($roleRightAdmin) {
$access |= $accessMask & Phprojekt_Acl::ADMIN;
}
if ($roleRightRead || $roleRightWrite || $roleRightAdmin) {
$access |= $accessMask & Phprojekt_Acl::DOWNLOAD;
}
if ($roleRightWrite || $roleRightAdmin) {
$access |= $accessMask & Phprojekt_Acl::DELETE;
}
if ($roleRightWrite || $roleRightCreate || $roleRightAdmin) {
$access |= $accessMask & Phprojekt_Acl::COPY;
}
if ($roleRightWrite || $roleRightCreate || $roleRightAdmin) {
$access |= $accessMask & Phprojekt_Acl::CREATE;
}
if ($roleRightRead || $roleRightWrite || $roleRightCreate || $roleRightAdmin) {
$access |= $accessMask & Phprojekt_Acl::ACCESS;
}
if ($roleRightWrite || $roleRightCreate || $roleRightAdmin) {
$access |= $accessMask & Phprojekt_Acl::WRITE;
}
if ($roleRightRead || $roleRightWrite || $roleRightAdmin) {
$access |= $accessMask & Phprojekt_Acl::READ;
}
$itemRights[$itemId] = $access;
}
}
return $itemRights;
}
/**
* Validate the data of the current record.
*
* @return boolean True for valid.
*/
public function recordValidate()
{
// one is the unique value available because calendar is a global module
if (Phprojekt_Module::getSaveType(Phprojekt_Module::getId($this->getModelName())) >= 1) {
$this->projectId = 1;
}
if (strtotime($this->startDatetime) >= strtotime($this->endDatetime)) {
$this->_validate->error->addError(array('field' => "Event duration", 'label' => Phprojekt::getInstance()->translate('Event duration'), 'message' => Phprojekt::getInstance()->translate('End date and time has to be after Start date and ' . 'time')));
return false;
}
return parent::recordValidate();
}
/**
* Returns some params for the body of the notification
* according to the current module and the event we are informing to the users.
*
* @return array Array with options.
*/
public function getBodyParams()
{
$bodyParams = array();
// Action
switch ($this->_lastHistory[0]['action']) {
case self::LAST_ACTION_ADD:
$bodyParams['actionLabel'] = "created";
break;
case self::LAST_ACTION_EDIT:
default:
$bodyParams['actionLabel'] = "modified";
break;
}
// Module
$bodyParams['moduleTable'] = $this->_model->getModelName();
// Url
$url = Phprojekt::getInstance()->getConfig()->webpath . "index.php#" . $this->_model->getModelName();
$saveType = Phprojekt_Module::getSaveType(Phprojekt_Module::getId($this->_model->getModelName()));
if ($saveType == 0) {
$url .= "," . $this->_model->projectId;
}
$url .= ",id," . $this->_model->id;
$bodyParams['url'] = $url;
return $bodyParams;
}
/**
* Check if the user has delete access to the item if is not a global module.
*
* @param Phprojekt_Model_Interface $model The model to save.
* @param string $moduleName The current module.
*
* @return boolean True for a valid right.
*/
private static function _checkItemRights($model, $moduleName)
{
$canDelete = false;
if ($moduleName == 'Core') {
return Phprojekt_Auth::isAdminUser();
} else {
if (Phprojekt_Module::getSaveType(Phprojekt_Module::getId($moduleName)) == 0) {
$itemRights = $model->getRights();
if (isset($itemRights['currentUser'])) {
if (!$itemRights['currentUser']['delete'] && !$itemRights['currentUser']['admin']) {
$canDelete = false;
} else {
$canDelete = true;
}
}
} else {
$canDelete = true;
}
}
return $canDelete;
}
/**
* Returns the right merged with the role for each user has on a Phprojekt item.
*
* @param array $rights Array of rights per user.
*
* @return array Array of rights per user.
*/
public function _mergeRightsAndRole($rights)
{
$moduleId = Phprojekt_Module::getId($this->getModelName());
$saveType = Phprojekt_Module::getSaveType($moduleId);
switch ($saveType) {
case Phprojekt_Module::TYPE_NORMAL:
$roleRights = new Phprojekt_RoleRights($this->projectId, $moduleId, $this->id);
$roleRightRead = $roleRights->hasRight('read');
$roleRightWrite = $roleRights->hasRight('write');
$roleRightCreate = $roleRights->hasRight('create');
$roleRightAdmin = $roleRights->hasRight('admin');
// Map roles with item rights and make one array
foreach ($rights as $userId => $access) {
foreach ($access as $name => $value) {
switch ($name) {
case 'admin':
$rights[$userId]['admin'] = $roleRightAdmin && $value;
break;
case 'download':
$rights[$userId]['download'] = ($roleRightRead || $roleRightWrite || $roleRightAdmin) && $value;
break;
case 'delete':
$rights[$userId]['delete'] = ($roleRightWrite || $roleRightAdmin) && $value;
break;
case 'copy':
$rights[$userId]['copy'] = ($roleRightWrite || $roleRightCreate || $roleRightAdmin) && $value;
break;
case 'create':
$rights[$userId]['create'] = ($roleRightWrite || $roleRightCreate || $roleRightAdmin) && $value;
break;
case 'access':
$rights[$userId]['access'] = ($roleRightRead || $roleRightWrite || $roleRightCreate || $roleRightAdmin) && $value;
break;
case 'write':
$rights[$userId]['write'] = ($roleRightWrite || $roleRightCreate || $roleRightAdmin) && $value;
break;
case 'read':
$rights[$userId]['read'] = ($roleRightRead || $roleRightWrite || $roleRightAdmin) && $value;
break;
case 'none':
$rights[$userId]['none'] = $value;
break;
}
}
}
break;
case Phprojekt_Module::TYPE_GLOBAL:
break;
case Phprojekt_Module::TYPE_MIX:
// Implement saveType 2
break;
}
return $rights;
}
/**
* Parse the rights for all the users and return it into a bitmask per user.
*
* @param array $params The post values.
* @param string $type Type of right, for users or modules.
* @param string $moduleId The module ID.
* @param boolean $newItem If is a new item or not.
* @param integer $ownerId The owner ID or 0 for the current user.
*
* @return array Array with user IDs per access.
*/
private static function getRights($params, $type, $moduleId = 0, $newItem = false, $ownerId = 0)
{
$right = array();
$rights = array();
if (isset($params['dataAccess'])) {
$ids = array_keys($params['dataAccess']);
foreach ($ids as $accessId) {
$right = array();
$right['none'] = self::_checked($params, 'checkNoneAccess', $accessId);
$right['read'] = self::_checked($params, 'checkReadAccess', $accessId);
$right['write'] = self::_checked($params, 'checkWriteAccess', $accessId);
$right['access'] = self::_checked($params, 'checkAccessAccess', $accessId);
$right['create'] = self::_checked($params, 'checkCreateAccess', $accessId);
$right['copy'] = self::_checked($params, 'checkCopyAccess', $accessId);
$right['delete'] = self::_checked($params, 'checkDeleteAccess', $accessId);
$right['download'] = self::_checked($params, 'checkDownloadAccess', $accessId);
$right['admin'] = self::_checked($params, 'checkAdminAccess', $accessId);
$rights[$accessId] = Phprojekt_Acl::convertArrayToBitmask($right);
}
}
if ($type == self::ITEM_TYPE) {
// Only set the full access if is a new item
if ($newItem) {
if ($ownerId == 0) {
$ownerId = Phprojekt_Auth::getUserId();
}
$rights[$ownerId] = Phprojekt_Acl::ALL;
}
// Return access only for allowed users
$activeRecord = Phprojekt_Loader::getLibraryClass('Phprojekt_User_User');
$result = $activeRecord->getAllowedUsers();
$resultRights = array();
foreach ($result as $node) {
if (isset($rights[$node['id']])) {
$resultRights[$node['id']] = $rights[$node['id']];
}
}
if (isset($params['dataAccess'])) {
$moduleType = Phprojekt_Module::getSaveType($moduleId);
if ($moduleType != 1) {
// Items under a project => add admin with full access
$resultRights[1] = Phprojekt_Acl::ALL;
}
}
} else {
$resultRights = $rights;
}
return $resultRights;
}
